On-going Internet Emergency and Domain Names
Douglas Otis
dotis at mail-abuse.org
Mon Apr 2 01:16:56 UTC 2007
On Sun, 2007-04-01 at 16:42 -0700, Roland Dobbins wrote:
>
> On Apr 1, 2007, at 3:36 PM, Douglas Otis wrote:
>
> > By ensuring data published by registry's can be previewed, all
> > registrars would be affected equally.
>
> But what is the probative value of the 'preview'? By what criteria
> is the reputational quality of the domain assessed, and by whom?
A preview affords time for correlating and pushing protective
information to the edge. Some reviewing previews may specialize in
look-alike fraud. Others may specialize in net nanny services.
Not all exploits will be initially recognized, where a defense in depth
should include examining the infrastructure. A preview is required
before this infrastructural information can offer the greatest level of
protection. Reacting to new domains after the fact is often too late.
> It almost seems as if the base problem has to do with credit-card
> transaction validation and fraud reporting, rather than anything to
> do with the actual domain registration process?
Until Internet commerce requires some physical proof of identity, fraud
will continue. A zone preview approach can reduce related exploits and
associated crime, and the amount of information pushed to the edge.
-Doug
More information about the NANOG
mailing list